robotsnoindex

This section describes problems you might have when logging in to, or using, your Atlassian account.

Unable to log in to Atlassian account using Safari on High Sierra

Possible causeAction you can take
Cookies are not allowed. (Safari on High Sierra disallows cookies by default.)
  1. Open Safari and choose Safari > Preferences from the top menu bar.
  2. Click Privacy.
  3. Clear the following checkboxes:
    • Prevent cross-site tracking
    • Block all cookies
  4. You may need to restart your browser for these settings to take effect.


Unable to log in to Atlassian account using Chrome

Possible causeAction you can take
Cookies are not allowed.
  1. Open Chrome and choose > Settings from the top right of the browser. A new tab opens.
  2. Scroll down, then click Advanced.
  3. Scroll down, then click Content settings.
  4. Click Cookies.
  5. Switch on the Allow sites to save and read cookie data toggle.
  6. Switch off the Block third-party cookies toggle.
  7. If the settings don't take effect right away, restart your browser.


Unable to log in to Atlassian account using Internet Explorer

When attempting to log in to your Atlassian account using Internet Explorer you see the error message "Something has gone wrong".


Possible causes

Actions you can take

Cookies are not allowed in your computer's Internet Options.

Do either of the following:

  • Allow cookies for all sites

To allow cookies for all sites:
  1. Go to Control Panel > Internet Options
  2. Click the Privacy tab
  3. Under "Settings", click Advanced
  4. Adjust your settings to accept first-party and third-party cookies:

  • Allow cookies for just Atlassian cloud sites

To allow cookies for just Atlassian cloud sites:
  1. Go to Control Panel > Internet Options
  2. Click the Privacy tab
  3. Under "Settings", click Sites
  4. Allow the following sites to use cookies:

You should also check that the correct security level is set, as described below.

Read more about Atlassian cloud domains and IP address ranges.

The security level for the 'Internet zone' is not set properly in your computer's Internet Options.

Do either of the following:

  • Set the correct security level for all sites

To set the security level for all sites:
  1. Go to Control Panel > Internet Options
  2. Click the Security tab
  3. Set the security level for the Internet zone to Medium-high:

  • Set the correct security level for just Atlassian cloud sites

To set the security level for just Atlassian cloud sites:
  1. Go to Control Panel > Internet Options
  2. Click the Security tab
  3. Set the security level for Trusted sites to Medium-high:
  4. Now, while in the Trusted sites section, click the Sites button
  5. Add the following sites to the Trusted sites zone:


You should also check that cookies are allowed, as described above.

Read more about Atlassian cloud domains and IP address ranges.

Back to top

Unable to log in to Atlassian account using Firefox

Possible causeAction you can take
Cookies are not allowed.
  1. Open Firefox and choose > Preferences from the top right of the browser. A new tab opens.
  2. From the left menu, choose Privacy & Security.
  3. Look under History.
  4. In the Firefox will menu, choose Remember history.
  5. If the settings don't take effect right away, restart your browser.


Unable to log in to Atlassian account using Microsoft Edge

Possible causeAction you can take
Cookies are not allowed.
  1. Open Edge and choose . The Settings window opens. A new tab opens.
  2. Scroll down and click View advanced settings.
  3. Scroll down to Cookies.
  4. From the Cookies menu, choose Don't block cookies.
  5. If the settings don't take effect right away, restart your browser.


Invitation emails for new users to sign up with Atlassian account get lost

When creating a new user in the 'User management' screen of an Atlassian cloud product, with Send invitation email selected, you see the 'email has been sent' message, as below, but the invitation email does not actually get sent.

Possible causes

Actions you can take

This can happen if you initially enter an invalid email address while creating the user. Although you correct the email address, or recreate the account with the correct address, the invitation does not get sent because the invalid email address has already been blocked.

Other causes can include:

  • The user's email address is not set up yet
  • The user's inbox is full
  • The mail server is down

You can do either of:

  • Make sure the email address is valid and click Resend.
  • For urgent cases, contact Atlassian Support to check on the status of the email address.

Back to top

Account created with an Apple private relay address

Possible causeAction you can take

You initially chose 'Hide my email' when signing in with Apple. This means we only receive an anonymous email address for you that looks like this: <code>@privaterelay.appleid.com

Hiding your email can make collaboration difficult, because of the following:

  • Your team won't recognize who you are when your email is hidden
  • Apple rejects emails that are related to your team's content changes as these come from team-specific domains such as <team>.atlassian.net
  • Apple rejects all emails that come from Atlassian Ecosystem add-ons (extensions to your products) as these are coming from third-party developers.

On your IOS device/iPhone

  1. Open the Settings app and click on your Apple ID profile
  2. Select Password and security
  3. Select Apple ID logins
  4. Select Atlassian
  5. Click Stop using Apple ID

Or on the web

  1. Open https://appleid.apple.com
  2. Select Security
  3. Select Manage. You'll find this under Apps and Websites using Apple ID
  4. Select Atlassian
  5. Click Stop using Apple ID


The next time you log in, you'll have the option to share your email after hiding your email. You'll now be able to collaborate on work with your team.




Issues with two-step verification

This section describes problems you might have when using two-step verification to log in to your Atlassian account.

Your Atlassian account won't accept your verification code, but you know you're using the right code

  • Make sure you're not entering a space 
    Some authentication apps display the verification code in two segments, for example: 111 000. However, you generally want to enter your code as a single string: 111000.
  • Make sure you're looking at the code for the correct account 
    Many apps allow you to add several accounts and codes in the same app and some display in the same area. Verify you're looking at the correct verification app and the correct code for your Atlassian account.
  • Make sure your phone has the correct time 
    Verification codes may not work if the time for your app and phone are different. If necessary, reset your phone's clock and then try to access your account again.

If you've tried everything in this list, log in with your emergency recovery key. 

You've replaced your phone, or want to start using a different verification app

Disable two-step verification, then enable two-step verification again on your new phone or verification app.

Your emergency recovery key doesn't work or you've lost it

  • Make sure it's not an old emergency recovery key. You may have already used that one previously and have your newest one saved elsewhere.
  • If you have a managed account, speak to your organization administrator.  
  • If you have an unmanaged account click Can't find your recovery key? below the recovery code screen. Then click Send recovery email. After 48 hours you'll receive an email with a link that lets you access your account and directs you to the two-step verification settings page. You can also follow the instructions in the email to disable two-step verification or enroll a new device.

You log in with Google or SAML single sign-on

You can't use two-step verification. We recommend that you use Google's 2-Step Verification or your SAML provider's equivalent.

If you can choose between logging in with Google and an Atlassian account password, then you can enable two-step verification. However, we'll only request a verification code when you log in with an Atlassian account password, not when logging in with Google.

Issues with Single Sign-On with SAML

This section describes problems you might have when using Single Sign-On with SAML to log in to your Atlassian account.

If you see errors from your identity provider, use the provider's support and tools rather than Atlassian Support.

Unable to log in with single sign-on

Possible cause

Action you can take

There’s a few reasons why you may have trouble logging in with SAML single sign-on:

  • Your organization may no longer have a subscription to Atlassian Access, which is where SAML is set.

  • Your organization’s SAML single sign-on configuration may not be configured correctly.

Do either of the following:

  • Contact your organization admin to make sure they’re aware of the problem and so that they can suggest the best way to log in.

  • Log in using an Atlassian account password from the login page. If you don’t have a password, click the Can't log in? link to set one.

SAML error messages

The following table lists the error messages related to SAML problems:

Errors

Possible issues

A plain error screen with no Atlassian branding.

You might have network connectivity issues with your IdP. Try refreshing the page.

An error screen for your IdP.

You might have an issue with your IdP configuration, e.g. a user may not be able to access the Atlassian product from the IdP. Raise a ticket with your IdP to fix the issue.

"Your email address has changed at your Identity Provider. Ask your administrator to make a corresponding change on your Atlassian products."

A known issue with the SAML Beta. You'll soon be able to change the email addresses of your managed accounts from User management.

"We weren't able to log you in, but trying again will probably work."

SAML configuration was disabled for the user during the login process. Verify the SAML configuration and try again.

  • "We were expecting you to arrive with a different Identity Provider Entity Id. Ask your administrator to check the Atlassian configuration of SAML. You had xxx; but we were expecting xxx."

  • "Invalid issuer in the Assertion/Response"

The IdP Entity Id in the SAML configuration of your site administration may be incorrect. Verify that you're using the correct Entity Id and try again.

"xxx is not a valid audience for this Response"

The Service Provider Entity Id in the IdP SAML configuration may be incorrect. Verify that you're using the correct Entity Id and try again.

"The response was received at xxx instead of xxx"

The Service Provider Assertion Consumer Service URL in the IdP SAML configuration may be incorrect. Verify that you're using the correct URL and try again.

"The authenticated email address we were expecting was 'xxx', but we received 'xxx'. Please ensure they match exactly, including case sensitivity. Contact your administrator to change your email to match."

The user tried to log in to the IdP with an email address different from their Atlassian account email address. Verify that the user is logging in with the correct email address. Email addresses are also case sensitive.

  • "We were expecting an email address as the Name Id, but we got xxx. Please ask your administrator to check that Name Id is mapped to email address."

  • "We were expecting an email address as the Name Id, but didn't get one. Please ask your administrator to check that Name Id is mapped to email address."

  • "We were expecting a user ID, but didn't get one. Please ask your administrator to check that user ID is populated in the response. See the configuration and troubleshooting guide below."

  • "Unsupported SAML Version."

  • "Missing ID attribute on SAML Response."

  • "SAML Response must contain 1 Assertion."

  • "Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd"

  • "Invalid decrypted SAML Response. Not match the saml-schema-protocol-2.0.xsd"

  • "Signature validation failed. SAML Response rejected"

  • "No Signature found. SAML Response rejected"

  • "The Assertion of the Response is not signed and the SP requires it"

  • "The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response"

  • "There is an EncryptedAttribute in the Response and this SP not support them"

  • "Timing issues (please check your clock settings)"

  • "The Response has an InResponseTo attribute: xxx while no InResponseTo was expected"

  • "The InResponseTo of the Response: xxx does not match the ID of the AuthNRequest sent by the SP: xxx"

You're most likely using an unsupported IdP. Verify your IdP configuration by making sure you've done the following:

  1. The IdP can return email as the NameId.

  2. A user Id is mapped as a SAML attribute.

  3. The SAML responses are signed and not encrypted.

  4. The IdP's time is synchronized with NTP.